How to Fix the Error ‘MOZILLA_PKIX_ERROR_KEY_PINNING_FAILURE’ in Firefox

Learn What to Do When Your Certificate Uses Public Key Pinning

This error means that the public key the web browser uses to verify the SSL/TLS certificate's signature is incorrect or isn't pinned in the HTTP header. Key pinning may help you minimize the risk of MITM attacks. However, if you don't do it right, it can do more harm than good.

Because Firefox, Chrome, and other major browsers have eliminated support for HPKP (i.e., HTTP public key pinning), sites shouldn't be using it.

What is HTTP Public Key Pinning and Why It’s Not Good to Practice

In the annals of bad human ideas, HTTP public key pinning, or what’s more commonly known as HPKP, ranks right up there with spray-on hair and two-in-one toilet/bidets. Without straying too far into the proverbial weeds, we’re going to lay out why you definitely shouldn’t be pinning your keys in this blog post.

And to be clear — just in case you don’t read past this sentence — don’t pin your keys. Simply put, HPKP is a terrible idea, and it’s more likely to break your website than lead to any meaningful improvement in security! Even Google agrees.
